Last Friday, NE published a blog which discussed the results that the Department for Culture, Media and Sport (DCSM) and Proband released on cyber security. Although the figures contradicted one another, both reports agreed that the number of attacks and breaches are on the rise. They also highlighted a major issue: cost.
When a breach has resulted in a loss of data or assets, the average cost of a cyber attack on a business has gone up by more than £1,000 since 2018 to £4,180.
“Following the introduction of new data protection laws in the UK it’s encouraging to see that business and charity leaders are taking cyber security more seriously than ever before," Paolo Sartori, Managing Director of TransWorldCom, an IT and Communication Solutions business, said. "However, with less than 3 in 10 of those companies having trained staff to deal with cyber threats, there’s still a long way to go to make sure that organisations are better protected.
“Business leaders are now being urged to do more to protect themselves against cybercrime in the wake of this new report. With hackers becoming more creative, business and third-sector cybersecurity needs to improve. With more breaches being reported and it costing the private and charitable sectors more money each time, there needs to be a concerted effort to educate individuals against the full scope of data threats.
"A chain is only as strong as its weakest link," he stressed, "and workers succumbing to fake emails, for example, leave us all exposed. Whether you have been a customer of a business or have donated to a charity, these kinds of illegal breaches can put all of our personal and financial data at risk. Even with adequate security measures in place, one of the only ways to protect effectively from cyber criminals is to make sure employees are well educated with the specifics of high net-worth clients and their individual needs."
He continued: "Many smaller companies, in terms of both size and IT budget, will often overlook investing in a robust technological infrastructure and instead put money into things such as search engine optimisation, marketing and sales operations. These are all vital things for business, but in today’s modern age if a company loses the data connections that they rely on they cannot continue to work efficiently."
Paolo recommended that businesses invest in infrastructure relative to their goals and not their current business position. This includes strong firewall and anti-viral software to protect the data and effective cyber-security education to protect the employers and the company as a whole.
"In a time of increasing data breaches, people often – and correctly –think about how it affects the people who have had their information potentially leaked. However, what they often do not realise is that if the company is in breach of GDPR then they can be charged €20 million or 4% of the company’s revenue, whichever is higher. This would obviously be incredibly destructive for a smaller business or charity.”
In the meantime, Government is encouraging business and charity leaders to download the free small business guide and free small charity guide to help make sure that they don’t fall victim to cyber attacks. This is available through the National Cyber Security Centre (NCSC).